> Paco, can you not just use a different URI instead of different
> RefParams in order to distinguish between multiple services behind a
> gateway? If not, why?
Because people want to only expose a single endpoint, and then
have their infrastructure dispatch or route based on things like message
content. There several reasons for doing this; one of the most compelling
is that they do not want to expose *anything* about their internal
deployment details. It avoids giving attackers any information.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html